EUVD-2008-6370

Malware in sbrugna...

EUVD-2015-5951

Malware in sbrugna...

EUVD-2015-7306

Malware in sbrugna...

refbase.vbi.vt.edu XSS vulnerability

Open Bug Bounty ID: OBB-448413 Description| Value ---|--- Affected Website:| refbase.vbi.vt.edu Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Chea...

refbase.wsulibs.wsu.edu XSS vulnerability

Vulnerable URL: http://refbase.wsulibs.wsu.edu/yellowstone/error.php?errorNo=10%22%3E%3Csvg/onload=alert/XSSPOSED/%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 28.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not...

Web Reference Database Multiple Vulnerabilities

Reference Database is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:refbase:refbase";...

CVE-2015-7382

SQL injection vulnerability in install.php in Web Reference Database aka refbase through 0.9.6 allows remote attackers to execute arbitrary SQL commands via the defaultCharacterSet parameter, a different issue than CVE-2015-6009...

CVE-2015-7381

Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary PHP code via the 1 pathToMYSQL or 2 databaseStructureFile parameter, a different issue than CVE-2015-6008...

CVE-2015-6012

Multiple open redirect vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the referrer parameter...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge before 2015-01-08 allow remote attackers to inject arbitrary web script or HTML via the 1 errorNo or 2 errorMsg parameter to error.php; the 3 viewType parameter to...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in install.php in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary PHP code via the 1 pathToMYSQL or 2 databaseStructureFile parameter, a different issue than CVE-2015-6008...

Sql injection

Multiple SQL injection vulnerabilities in Web Reference Database aka refbase through 0.9.6 allow remote attackers to execute arbitrary SQL commands via 1 the where parameter to rss.php or 2 the sqlQuery parameter to search.php, a different issue than CVE-2015-7382...

CVE-2015-6009

The vulnerability is in the Web Reference Database (refbase) prior to or up to version 0.9.6. Concrete details from connected sources show that it suffers SQL injection via (1) the where parameter to rss.php and (2) the sqlQuery parameter to search.php, caused by inadequate input filtering. This ...

CVE-2015-6012

CVE-2015-6012 concerns Web Reference Database (refbase) open redirect via the referrer parameter. Connected sources confirm multiple open redirect vulnerabilities affecting refbase versions 0.9.6 and earlier, with exploitation enabling phishing by redirecting users to arbitrary sites. The core de...

CVE-2015-6008

CVE-2015-6008 affects Web Reference Database (refbase) install.php up to version 0.9.6. A remote attacker can execute arbitrary PHP code by manipulating the adminPassword parameter, enabling remote code execution. This is a confirmed vulnerability entry with corroborating references indicating a ...

CVE-2015-6011

CVE-2015-6011 affects the Web Reference Database (refbase) prior to 0.9.6 (and bleeding-edge builds before 2015-01-08). The vulnerability is an XML injection via the unapi.php id parameter or the sru.php stylesheet parameter. Technical detail across connected sources confirms this is an XML injec...

CVE-2015-7383

Multiple cross-site scripting XSS vulnerabilities in Web Reference Database aka refbase through 0.9.6 and bleeding-edge through 2015-04-28 allow remote attackers to inject arbitrary web script or HTML via the 1 adminUserName, 2 pathToMYSQL, 3 databaseStructureFile, or 4 pathToBibutils parameter t...

CVE-2015-6007

Cross-site request forgery CSRF vulnerability in Web Reference Database aka refbase through 0.9.6 allows remote attackers to hijack the authentication of arbitrary users...

CVE-2015-7382

The connected documents confirm a SQL injection vulnerability in Web Reference Database (refbase) through version 0.9.6, exploitable via the defaultCharacterSet parameter in install.php, enabling remote execution of arbitrary SQL commands. This CVE is distinct from CVE-2015-6009 and is listed amo...

CVE-2015-6007

CVE-2015-6007 concerns Web Reference Database (refbase) up to version 0.9.6, with multiple reported vulnerabilities in a single entry. Public sources document a CSRF flaw allowing attackers to hijack user sessions, and the consolidated OpenVAS entry lists additional issues in the same 0.9.6+ bran...